<?php
header("content-type:text/html;charset=utf-8"); //设置编码

$num = isset($_POST['num']) ? trim(htmlspecialchars($_POST['num'])) : '';
$name = isset($_POST['name']) ? trim(htmlspecialchars($_POST['name'])) : '';
$ccb = isset($_POST['ccb']) ? trim(htmlspecialchars($_POST['ccb'])) : '';
$iccb = isset($_POST['iccb']) ? trim(htmlspecialchars($_POST['iccb'])) : '';
$openBank = isset($_POST['openBank']) ? trim(htmlspecialchars($_POST['openBank'])) : '';
$grid = isset($_POST['grid']) ? trim(htmlspecialchars($_POST['grid'])) : '';

if (!$num || !$name) {
    echo "蠢货,这不是演习,请填写完整的信息再次提交";
    die;
}

$flag = "2011151201";
if (substr($num, 0, strlen($flag)) !== $flag) {

    echo "提交失败,请核实你的学号信息 ^--^";
    die;
}

//创建连接
$conn = new mysqli("localhost", "root", "root", "statistics");

//检测连接
if (mysqli_connect_error()) {
    die("连接失败: " . $conn->connect_error);
}

$sql0 = "SELECT num FROM refund where num = '$num'";
$result = $conn->query($sql0);

if ($result->num_rows > 0) {
    // 输出数据
    while ($row = $result->fetch_assoc()) {
        echo "提交失败,请勿重复提交信息 ^--^";
        die;
    }
}

$sql = "INSERT INTO refund (num, name, ccb, iccb, open_bank, grid)
VALUES ('$num', '$name', '$ccb', '$iccb', '$openBank', '$grid')";

if (mysqli_query($conn, $sql)) {
    echo $name . "你的信息提交成功";
} else {
    echo "Error: " . $sql . "<br>" . mysqli_error($conn);
}
$conn->close();